Enforce DISALLOW_FILE_EDIT via a must-use plugin

PostedMay 26, 2026

UpdatedMay 26, 2026

Byadmin

WARNING: This setting writes a must-use plugin file into wp-content/mu-plugins. That can affect behavior even if normal plugin execution is disabled, so confirm filesystem access and rollback steps before enabling it.

Description of the control

This is the enforcement option under Disable theme/plugin file editor in the Core File Permissions section. The exact checkbox label is Enforce DISALLOW_FILE_EDIT via a must-use plugin.

The help text states that CMSSPM creates wp-content/mu-plugins/cmsspm-mu-disable-file-editor.php when possible. Use this control when file editor disabling should be enforced through an MU plugin file.

Procedure

In WordPress admin, open Posture Management.
Select Core Hardening.
In the Core File Permissions section, locate the checkbox Enforce DISALLOW_FILE_EDIT via a must-use plugin.
Select the checkbox.
Click Save changes.

Validation

After saving, reload Posture Management -> Core Hardening and confirm the checkbox remains selected.

If filesystem access is available, verify that wp-content/mu-plugins/cmsspm-mu-disable-file-editor.php exists. Also verify that the built-in plugin and theme editor is no longer available in WordPress admin.

Getting Started

Installation

Dashboard

Core Security

Account Security

Browser Security

Email Security

File Security

Settings

Troubleshooting

Enforce DISALLOW_FILE_EDIT via a must-use plugin

Description of the control

Procedure

Validation